Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2012-0789
HistoryFeb 14, 2012 - 12:00 a.m.

CVE-2012-0789

2012-02-1400:00:00
ubuntu.com
ubuntu.com
8

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.077 Low

EPSS

Percentile

94.1%

JSON

Memory leak in the timezone functionality in PHP before 5.3.9 allows remote
attackers to cause a denial of service (memory consumption) by triggering
many strtotime function calls, which are not properly handled by the
php_date_parse_tzfile cache.

Bugs

Notes

Author Note
sbeattie patch is invasive and changes some interfaces, likely to introduce regressions
mdeslaur too intrusive to fix, marking as “ignored”

Related

cve 1
prion 1
nessus 20
openvas 25
freebsd 1
oraclelinux 3
veracode 6
centos 3
redhat 3
suse 4
gentoo 1
f5 2
cve
cve
CVE-2012-0789
2012-02-14 15:55:00
prion
prion
Memory corruption
2012-02-14 15:55:00
nessus
nessus
FreeBSD : php5 -- Denial of Service in php_date_parse_tzfile() (9b2a5e88-02b8-11e2-92d1-000d601460a4)
2012-09-20 00:00:00
PHP < 5.3.9 Multiple Vulnerabilities
2012-01-16 00:00:00
PHP < 5.3.9 Multiple Vulnerabilities
2012-01-16 00:00:00
openvas
openvas
FreeBSD Ports: php5
2012-09-19 00:00:00
FreeBSD Ports: php5
2012-09-19 00:00:00
PHP Web Form Hash Collision Denial of Service Vulnerability - Windows
2012-01-03 00:00:00
freebsd
freebsd
php5 -- Denial of Service in php_date_parse_tzfile()
2010-12-08 00:00:00
oraclelinux
oraclelinux
php security update
2012-06-27 00:00:00
php53 security update
2012-06-27 00:00:00
php security update
2012-06-29 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 04:42:12
Denial Of Service (DoS) Or Directory Traversal
2019-05-02 04:42:12
Denial Of Service (DoS)
2019-05-02 04:42:12
centos
centos
php security update
2012-06-27 20:21:47
php53 security update
2012-06-27 20:24:26
php security update
2012-07-10 17:36:22
redhat
redhat
(RHSA-2012:1045) Moderate: php security update
2012-06-27 00:00:00
(RHSA-2012:1047) Moderate: php53 security update
2012-06-27 00:00:00
(RHSA-2012:1046) Moderate: php security update
2012-06-27 00:00:00
suse
suse
Security update for PHP5 (important)
2012-03-24 03:08:28
update for php5 (important)
2012-03-29 15:08:14
Security update for PHP5 (important)
2012-04-12 23:08:15
gentoo
gentoo
PHP: Multiple vulnerabilities
2012-09-24 00:00:00
f5
f5
SOL13518 - Multiple PHP vulnerabilities
2012-04-04 00:00:00
Multiple PHP vulnerabilities
2012-04-05 02:07:00

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.077 Low

EPSS

Percentile

94.1%

JSON
Related for UB:CVE-2012-0789
cve1prion1nessus20openvas25freebsd1oraclelinux3veracode6centos3redhat3suse4gentoo1f52